1-- |
2-- Module      : Crypto.PubKey.ECIES
3-- License     : BSD-style
4-- Maintainer  : Vincent Hanquez <vincent@snarc.org>
5-- Stability   : experimental
6-- Portability : unknown
7--
8-- IES with Elliptic curve <https://en.wikipedia.org/wiki/Integrated_Encryption_Scheme>
9--
10-- This is a simple cryptographic system between 2 parties using Elliptic Curve.
11--
12-- The sending party create a shared secret using the receiver public key, and use the shared secret
13-- to generate cryptographic material for an symmetric encryption scheme (preferably authenticated encryption).
14--
15-- The receiving party receive the temporary ephemeral public key which is combined to its secret key
16-- to create the shared secret which just like on the sending is used to generate cryptographic material.
17--
18-- This module doesn't provide any symmetric data encryption capability or any mean to derive
19-- cryptographic key material for a symmetric key from the shared secret.
20-- this is left to the user for now.
21--
22module Crypto.PubKey.ECIES
23    ( deriveEncrypt
24    , deriveDecrypt
25    ) where
26
27import           Crypto.ECC
28import           Crypto.Error
29import           Crypto.Random
30
31-- | Generate random a new Shared secret and the associated point
32-- to do a ECIES style encryption
33deriveEncrypt :: (MonadRandom randomly, EllipticCurveDH curve)
34              => proxy curve -- ^ representation of the curve
35              -> Point curve -- ^ the public key of the receiver
36              -> randomly (CryptoFailable (Point curve, SharedSecret))
37deriveEncrypt proxy pub = do
38    (KeyPair rPoint rScalar) <- curveGenerateKeyPair proxy
39    return $ (\s -> (rPoint, s)) `fmap` ecdh proxy rScalar pub
40
41-- | Derive the shared secret with the receiver key
42-- and the R point of the scheme.
43deriveDecrypt :: EllipticCurveDH curve
44              => proxy curve  -- ^ representation of the curve
45              -> Point curve  -- ^ The received R (supposedly, randomly generated on the encrypt side)
46              -> Scalar curve -- ^ The secret key of the receiver
47              -> CryptoFailable SharedSecret
48deriveDecrypt proxy point secret = ecdh proxy secret point
49